Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

An anonymous reader submits "Several people have discovered that the new Intel kernel Apple has included with the Developer Kit DVD uses TCPA/TPM DRM. More specifically, it includes "a TCPA/Palladium implementation that uses a Infineon 1.1 chip which will prevent certain parts of the OS from working unless authorized."

I don't want to start a holy war here, but what is the deal with you Mac fanatics? I've been sitting here at my freelance gig in front of one of the new Macs (a 1.6terahz G6 w/256 Gigs of RAM and OS X Manx) for about 20 minutes now while it attempts to copy a 700 Meg rip of Braveheart from one folder on the hard drive to another folder. 20 minutes. And there's a popup screen telling me "Don't Steal Movies" the entire time.

At home, on my Pentium Pro 200 running NT 4, which by all standards should be a lot slower than this Mac, the same operation would take about 2 minutes. If that.

Don't they teach you new whippersnappers anything these days? Or do I have to explain the origin of the "No wireless. Less capacity than a Nomad. Lame." and the "and then it was like, beep beep beep..." joke to you, as well?:)

nah don't worry about switching. all commercial vendors of os's will use drm. so strap yourself in, enjoy your new found freedom; the freedom to know you can't do anything about it.

there just won't be a public backlash this time. it'll creep in slowly.

how to make amphibians edible through the use of high temperature h2o.

the GNU philopsophy will save us all... if it weren't for the fact that they are a bunch of pinko terrorists.

not that i'm saying we should give up by any means except that i just don't see this going away like the BS "test the waters" cpu serial # scandal a few years ago.

so many companies have invested heavily in digital -end user handcuffs that it's very improbable that they will give up easily. and the media certainly won't be telling the public anything negative, that much you can count on.

i would like to donate to the eff, except i don't want to be put on a list of terrorists. the only way to even have a remote chance of beating this nonsense (criminal and unethical behavior) is to educate the public at a greater rate than the "mainstream media" can "educate" them.

Interesting aside - last night my flatmate wandered in while I was talking to another geek friend about the TCA, Windows DRM^H^H^HVista and related matters.

This guy is no techie (christ, he asked me to help him hook his monitor up last week), but he listened in and asked us to explain exactly what Trusted Computing was. We sketched out the very basics - media files dialling home before play, your rights/viewing-licence agreement changing after purchase at the whims of the content producer, other theoretically possible restrictions that DRM allows for, files refusing to play on non-trusted platforms and your PC dynamically downsampling future DVDs if it detects your monitor isn't Trusted.

At the end of the five-minute conversation (again, attempting to inform rather than frighten) the guy was more pissed off than I've ever seen him - practically kicking furniture and swearing he'd never buy a bit of TCA-compliant electronics. Ever.

As I said, while this guy isn't stupid, he's not even remotely technical. And when he appreciated the actual, real-life restrictions Trusted Computing would place on him he was angry.

There is hope for these people, if they can be educated before the fight is over.

Let's assume (perhaps falsely) that the RIAA/MPAA aren't literally Satan's spawn. They have a good reason for wanting DRM: they spend a lot of money to make music/movies. They'd like to get paid for that, and the current environment makes it easy for people to get the full benefit of their work without paying for it.

You know all this, so I'm not going to explain any further, but the question is, did you explain this to your friend? It's easy to get people angry when you explain only one side of the story. And if you want to use him as an example you have to be extra-careful to present their side as persuasively as possible, because you're obviously coming to this with a bias.

Look, I agree that the DRM they want to use is too restrictive. But the absolutely-no-DRM environment is also not completely fair to them. So the attitude of simply getting angry at them for proposing an alternative is just wrong. The proper attitude is closer to, "Gee, neither situation is tenable, let's figure out what's genuinely fair."

They'd like to get paid for that, and the current environment makes it easy for people to get the full benefit of their work without paying for it.

Ah, but the problem is, that's not his fucking problem. What is his problem is having to wait a few hours to listen to the latest music because his internet connection is temporarily down. Or not being able to listen to it in his car without an "authorized" piece of hardware.

There are a hundred ways DRM could be the cause of future customer aggrivation. And in their mind, all these problems with piracy are not their problem, because they were good little consumers and coughed up their hard-earned dough.

Something I learned early on in business: it can take millions of dollars to get a new customer, but a single stupid mistake to lose them forever.

Another thing you should have learned in business is that your business partner's problem is also your problem. The **AAs are your partners: you buy things for them. Claiming that their problems are theirs alone is self-defeating, because it leads precisely where you're suggesting: they'll stick the most restrictive DRM they can on it, and suddenly their problem becomes your problem.So rather than just getting angry and saying, "Hey, you're trying to take away my fair use rights, I demand everything that'

the copyright infringers didn't put the DRM in the machines. trying to prevent people from copying on a computer is like preventing fish from getting wet.

you'll more than likely piss off the users/fish far more than you'll prevent copying.

but that's not even relevant to this issue.

how is paying for mac os x and installing it on an x86 computer you already own, copyright infringement? paying for the software obviously means that the vendor has complete control over what you do with it.

it's a sad world we live in... because we're all responsible for our ills, in one way or another.

It depends on what you are paying for. If you are paying for a license to use the software that has caveats/rules attached, and you agree to them, then you live by them (unless you are as unethical as some of the big software companies seem to be sometimes). If the license say that you can only use the OS software on a machine exclusively manufactured by Mac, and you agree to the license, then too bad, so sad, that is what you agree too. And if the result of you not accepting the agreement is that you c

Sure, unless you believe the doctrine of first sale applies. I don't "license" my computer; I buy it. Any information on it or with it is mine just like the hardware is, because I never agreed to any kind of license at the time of purchase.

And before you try to tell me "but that's not how it works," I say fuck "how it works." The scum who think up these fake "licenses" can cram them up their ass! They can claim that EULAs exist and are valid all they want, but it doesn't make it true.

You don't license your hardware, but you do license your software. To put another spin on it, do you think it would be alright to buy copy of the latest Harry Potter book, copy out the text, and start selling your own printed versions? Notice I am not talking about loaning your book to that person, but actually making a copy. You are always free to loan your computer (and the software on it) to a friend.

And here, ladies and gentlemen, we have another person who have fallen for the FUD and no longer believes you can own a copy - you either own the copyright, or you license it. The copyright, the right to make copies, has always been protected by copyright law. If you sell me a Harry Potter book (the copy), you do not need to have a license agreement with me.

Licensing has nothing to do with the right to make copies. It is about controlling how and what you do with your copy, and to avoid consumer rights we recieve by a sale. For example, to only allow playback on approved devices to limit features (disable fast forward), collect player royalties, enforce artifical market barriers (zones)or to tie licenses to specific hardware or activation schemes to prevent resale, or to remove the rights you normally would have under fair use and other laws.

Anything that isn't lent, rented or leased, I consider sold. You sell me CDs, DVDs, iTMS songs and Windows XP. Not the copytight, the copy. That is my personal philosophy at least. The law is bought.

I'd also like to add that, originally, copyright gave a limited monopoly on "publishing". Copying from your own copy of a book was not covered by the law - and at the time, the extent of protection was 7 years

You are actually entitled to do many things, like reverse engineering (excpting where the DMCA is involved), and making copies of small amounts for various purposes (like education), without any permission from the copyright owner

What most software vendors do, is force you to agree to a "license agreement". Agreement as in contract, which is used to actually restrict you further than copyright alone would.

No, I'm being held responsible for someone else's ills. That's the bit that gets to me. I'm being presumed guilty before I even buy a computer, and therefore restricted in the use of my own property.

I have to deal with speed limits being lowered to deal with idiots who speed, bag searches at supermarkets because of idiots who shoplift, and even more intensive screenings at airports because of morons who want to use innocents for their own personal socio-political stupidity. Now I'm also being restricted in my personal hobby interest and profession?

I think I'll be sticking to Linux, where groups like Debian will remove software because it comes under a license that's too restrictive.

you have to admit that if people weren't pirating things, there'd be no need for DRM.

Nah, if "content providers" weren't such greedy bloodsucking parasites, then there'd be no need for DRM.

how can you blame companies for trying to protect their profits when thousands of people are ripping them off every day?

Because those companies didn't actually EARN those profits by providing a desired good or service at a price that buyers were willing to pay? Like what would happen in a _real_ capitalistic market instead of a government-mandated one.

You know... as much as it sucks, you have to admit that if people weren't pirating things, there'd be no need for DRM.

That's the same way I feel when a cop wants to search me illegally or otherwise hassles me. Or when my employer wants to make me take a drug test even though I don't even so much as smoke cigerettes or drink alchohol and my job involves me sitting at a desk reading and writing things of little consequence.

Yep. I just think to myself "This sucks, but I don't need to be angry at the police or employers for violating my rights or my privacy. I need to be angry at the weekend pot smokers who make it necessary for people to infringe on my privacy or violate my constitutional rights".

And when the cops shoot a black man for having a candybar in his pocket or shoot an unarmed non violent black man four dozen times at close range, I just think "It sucks, but if black people weren't out there killing every person they come across, these police wouldn't have to senselessly murder any of them".

You have got to be a troll. I can't honestly believe any grown adult (I presume you are an adult as you appear to work) would hold such a narrow minded view of the world.

I wouldn't normally lay into someone expressing their opinion on a public forum but I believe you, and the thousands like you, who adopt the view given to them by the media are stealing the rights and freedoms of the thinking people.

The mass media has the sole goal of making as much money as possible and will attempt to achieve that by

Well I for one do not agree with your world view but maybe its BECAUSE I am a full grown adult. When I was a teen, pot smoking seemed like a fun, harmless thing. My employer for the last 19 years (Army) takes a hard line on drug use and I have o problem with that. See, I dont like the idea of the guy next to me with a gun being stoned - or drunk for that matter. As my daughter approaches teen dating years I developed a dim view of most young men and an even dimmer view of any with cars or motorcycles.

I can understand the Illegal Search by the Cop (as I've been made to under-go such a thing myself,) but as to the drug testing, unless you did not agree to such a thing when you started your job, well, it's kind of like having to deal with a Non-Compete clause. You agreed to it.

This isn't true. Contracts can contain illegal terms, and if they do then they're invalid. An obvious example would be if an employer inserted a clause saying they could kill you if your performance fell below a certain leve

You know... as much as it sucks, you have to admit that if people weren't pirating things, there'd be no need for DRM.

This is laughable, to say the least. Companies want DRM not because of rampant piracy, but because the technology is advancing so fast, they can't predict where the future lies; and they want to be able to make money regardless of which way the technology turns.

Tell me something: is photocopying of books (by poor students, usually) not piracy? Then why don't copier makers have DRM? Where's the DRM for FM radio? People used to make copies of broadcast songs quite rampantly.

Any fool who thinks DRM is about "stopping piracy" is nothing but a pure fool who's had too much Koolaid.

Actually such technology does exist, as there was for a time 'anti-photocopy' school books being sold in Poland, however due to the huge increase in costs in the school books, teachers, school educators went a long with alternative books that didn't have this protection.

So.. They (the publishers) stopped using the technology since it was too expensive and not making money.

You know... as much as it sucks, you have to admit that if people weren't pirating things, there'd be no need for DRM.

Honestly, how can you blame companies for trying to protect their profits when thousands of people are ripping them off every day?

Instead of just blindly saying "pirates are bad" and then handcuffing everyone, even the law abiding people who make them money, they should examin _why_ people pirate. Obviously there is the "pay vs. free" thing, but there are other factors for why people pirate stuff.

A lot of piracy is at least partly down to the pirated material being "better" than the originals in many ways - take TV shows for example. Why do people download them from torrents instead of watching them on TV? Certainly for me, the reason for doing it is that I have to wait well over 3 months after the original air-date for most stuff to get shown here in the UK. I.e. the illegal distribution method is a lot better than the legal one.

Another example: I buy music CDs. Once I have bought them then they get ripped to MP3 so I can easilly get at the music without sorting through stacks of CDs and the CDs themselves only get used on my personal CD player and in the car. So if I buy a CD that's "copy protected" which won't let me do this, it's useless to me, whereas the MP3s of the same CD I can download work fine. I.e. the illegal copies allow me to do what I need (and should be able to do with something I've legally bought), and thus are "better".

A large proportion of people _want_ the legal version of something, but they're not going to buy it if the illegal version is so much better. The producers should look at this and rather than stamping out the illegal competition through restrictions they should improve their own systems so that they "outcompete" the illegal stuff.

Don't kid yourself. DRM is only partially about preventing copyright infringement.A major part of it, perhaps THE major part of it is about creating new business models by eliminating the ability of users to use their fair-use rights.For example, most cable HD boxes have DVI connectors that are NOT compatible with the DVI inputs on computer monitors... instead of being able to use your PC monitor as a HDTV.

Why? Because they don't want people using their PCs as video recorders even though people have every l

The copyrighters right to copyright is not protected by the U.S. Constitution

...Section 8 - Powers of Congress

Yep - that would be the ability of the US Congress to control whether or not the copyrighters have a right to copyright. Note that it provides congress with a power, it does not provide the people with a right.

Importantly, it has the clause "to promote the Progress of Science and useful Arts" - once copyright is no longer filling that role, it should not be in place...

To promote the progress of science and useful arts, by securing for limited times to authors and inventors the exclusive right to their respective writings and discoveries;

The Constitution grants congress its powers. Congress has, theoretically, no powers that are not granted directly or by implication in article 1 or by a subeseuqent amendment. So far so good. But like "Thou Shalt Not Kill", there's countless ways to pull out loopholes by mean

Erm, I don't think this is quite what you think. Apple already doesn't treat customers like scum the way Microsoft does (which I appreciate; I'm honest, but I don't like the assumption that I am not). I think this is just Apple's already-known plans to prevent the OS from not running on anything they haven't sold as a Mac. In other words, you have to buy a computer from Apple to run their OS. Which makes sense -- Apple is a hardware company primarily and makes its money mostly from the computer sales.

On the other hand, Apple treats developers somewhere between equally bad as MS and worse. Think of all the nifty features in OSX, and most of them started life as third party products that Apple decided to reimplement and give away with the next version of OSX. At least Microsoft has the benevolence of buying somebody out for their new features.The only real reason Apple doesn't have to treat its customers like thieves is that you already paid them through your own asshole for the hardware. I'm not sure wha

Think of all the nifty features in OSX, and most of them started life as third party products that Apple decided to reimplement and give away with the next version of OSX

Yeah, Heaven forbid that innovative software could actually be reimplemented by third parties and offered for free to consumers. I mean, next thing you know they might actually make a whole OS by taking ideas here and there and start offering it for free ! Imagine the havoc on poor little OS developers worldwide !

Good thing that our modern democracies have invented software patents, so we can prevent such a catastrophe from ever happening....

I think you have to accept that in some cases, the product they are imitating wasn't done all that well, or their prefered implementation is that much closer to the OS, or may be affected by long term strategy (think Intel switch), that it may have seemed an easier alternative to just implement from scratch.

IT was proved that what happened to Opera was a mistake, not malicious activity. The CSS used was to fix a bug in the rendering of the page on an older version of Opera, it just happens that it was fixed in the release and it came to light within a couple of days. MS fixed it, move on. Im sure any webdevelopers has had pages break after a browser upgrade.

Except for the vast bulk of legitimate users it doesn't, because so few of them upgrade their computers at all, let alone enough to trigger any reactivation sequence.

Are you kidding? Legitimate users are the only ones it interferes with. Pirates just use Corporate Edition and don't deal with all that bullshit.

Hell, I know lots of people who own XP because it came with their computer, and they still wipe it and throw a copy of corporate on there because the product activation/windows update bullshit screws up their system from time to time.

Uh, dude, it's not 1999. Most respectable distros do all for you now anyhow (detect your vid card, sound, etc.) You might only get in a little trouble if your hardware is say a month or two old. And yes, laptops can be more annoying. Really, I find at this point linux hardware detection to be far better than windows (for the simple reason that the last installment of a consumer windows is rather old at this point.)Case in point, I have this dell d610 latitude here I'm borriwing. On it I have windows XP

if you're coming from M$ Windows. As a matter of fact, I'd say it's not a whole lot easier (if at all) to use than the default "desktop" install of Redhat or Suse Linux. The only advantage you'd have over Linux is the ability to walk into a store and buy shrinkwrapped software and even that's not entirely easy for Mac owners since a lot of stores don't carry Mac titles either.

THESE ARE DEVELOPER MACHINES AND DO NOT REPRESENT HARDWARE THAT APPLE WILL SHIP.

There. Apple has said many times they don't plan on using a BIOS in the shipping products, and have hinted at EFI. But the first developer machines have a BIOS, so everyone ignores Apple and assumes it will have a BIOS. Apple has a huge investment in driving forward with 64bit with all the marketing they have done, and yet everyone expects PowerMacs with the same Pentium chips in the developer machines that aren't 64 bit.

Nowthis DRM thing comes up. Will Apple do similar in shipping hardware? It's hard to say. But right now, noone here can say yes or no for sure (unless your sitting at Apple's HQ working on the new products right now). I myself wouldn't be suprised if they do indeed put some kind of protection on, as the Mac OS has always had some kind of odd hardware requirement that prevents it from easially just running on a clone PowerPC box.

Just settle down and wait until real products ship. Because if you have OS X 10.4.1 for Intel, you either have the hardware to run it on due to your developer program, or you pirated the ISO image off some torrent site and have it illegially.

Yeah, sure, OS X will probably be runnable on a non Apple box some day. But guess what, it's likely to be a hacked up solution that kinda sorta works, and leaves you wasting time that could have been spent earning money to just buy a $500 Mac Mini. For me, my Apple hardware is a big reason I moved to OS X. Running OS X on my Dell just wouldn't be the same.

THESE ARE DEVELOPER MACHINES AND DO NOT REPRESENT HARDWARE THAT APPLE WILL SHIP.

There's a word for people like you: a useful idiot.

Sure, Apple has coded up this DRM implementation for fun and has no intention of using it. Apple and Jobs has sold you out... get over it. They jumped to Intel to get this Trusted Computing stuff and now they are using it.

You can put your hands over your ears and sing lalalalalala, but it won't change anything. The message that has to go out from here is simple and the same one that should go out to any software/hardware company that involves itself with this anti-customer bullshit: Don't buy Apple. If their sales drop because of this action, then perhaps they'll listen... but if idiots like you continue to defend their actions with ever more ludicrous excuses that won't happen.

Damn, talk about irony! The entire "free software" community has had its fists buried so deeply in its ears over this issue for years now it is doubtful we can make a meaningful recovery of the ground that has been lost.

You try to pretend TCPA and DRM can be killed at birth and you are wrong. You try tto pretend DRM cannot be made to work and you are wrong. The same technology that protects HOLLYWOODS data can protect YOUR dat and MY data. DRM will allow computing to move into a new paradigm where conversations can be reasonably assured of being completely ephemeral OR where "data" can be moved from point A to point B with the relative security and geographic displacement of a physical object. But people lie and copy and cheat and forge and so to do this requires a *trusted platform* - a system you and I can both agree has been verified for honesty by a disinterested third party to our exchange.

If you don't want to buy DRM media then don't buy it. But insisting someone is trying to "take your rights away" because they are asserting *their* rights is, at best, disengenuous.

The open source community at large needs to take off the tinfoil hats and start doing some real development on these platforms. Like it or not DRM is coming and if you sit out the party no one is going to listen to you complain that everyone else already got all the cake and ice cream.

THESE ARE DEVELOPER MACHINES AND DO NOT REPRESENT HARDWARE THAT APPLE WILL SHIP.

This is about the kernel, not the hardware.

Really, if we take this attitude, we're forced to conclude that NOTHING about the developer platform can be counted upon to be in the commercial product. That's completely absurd. No, not everything will be in the commercial product, but it's not like they deliberately build the developer platform to be completely different from what they eventually release to the public.

Common sense tells us that if there's DRM support in the OS X on Intel kernel, there's at the very least a chance that it'll be in the shipping product.

If we're going to make noise over it, we damn well ought to do it as soon as we have first inkling of it, not when it's already too late. You don't wait until your neck is in a noose to hire a lawyer.

Well...if you think about it, they never really needed DRM for their OS before. Basically, using PPC was their DRM. Now, they kind of have to do it, don't they? Otherwise someone will hack OS X to work on any machine with an Intel processor and that will cannibalize Apple's hardware sales.

There are other reasons for using the TPM. I'm sure someone with a vivid imagination will come up with more reasons, but here are a couple I came up with when I read the article title:

How did you think they were going to prevent OS X from running on non-Apple Macs? Magic? Voodoo? Asking nicely?

By not writing drivers for 99% of the hardware out there?

Apple doesn't have to do a thing to prevent people from running OS X on non-Apple Macs. They don't have to - it'll be extremely inconvenient to do so already, because drivers don't magically appear out of nowhere just because the chip is manufactured by Intel.

Schiller (a VP) has already stated that the OS will not be usable on generic computers, and why would it? Unlike other OS makers, Apple primarily sells hardware. It would be against their whole business plan to become a generic OS maker.

Hence my comment.

However, I am hopeful that now that standard motherboards are used, costs may be lower which means that Macs may cost less in the future than they do now. However, of course, I don't know whether that will happen.

clearly, it's in their best interest to let people run os x on any computer, but officially state they won't get any support for it. that way people can try it out and use it and apple could still continue making closed systems that they profit from.

Because quite frankly, people are fucking idiots.

HP iPods are unsupported by Apple. They clearly state this. They are constantly revieving complaints that HP iPods aren't being supported.

Apple doesn't cover user stupidity in Apple care. This is also clearly stat

Except that with Mac OS running on Mac hardware only, they can control about 90% of what everything does and there will be very few bugs with a specific motherboard/pci card combination.If they release the OS itself they won't have that same control over the hardware, so they have no guarantees that the software will work as intended, in any capacity.

I honestly think Apple is very smart in this. It avoids a lot of support calls asking "where do I find this control panel?" because they put it one place. In t

R E L E A S E N O T E SThanks to the guys at phe*NIX who released a non-working copy. Too bad we at XiSO had the OSX x86 DVD for a few weeks now, working hard on disabling the Infineon/Trusted Computing module which is present onboard of the "developer" Apple-Intel boxes. As some of you have heard, Rosetta, Apple's binary translation software use

I don't get it - Apple's hardware has always been close system as you can get from PC type computer. So of course they can be 'accidentaly' early addopters of Palladium. Don't like it? Choose another vendor.

Apparently Apple's DRM kernel extension only gets involved when Rosetta is executing code. In other words, if you're running native code, there's no checking. But apparently some critical parts of the kernel are still being executed by Rosetta. And reimplementing the `AppleTPMACPI.kext' in a completely harmless manner (such that it always returns a "Yes go ahead" signal) is an option. As is replacing it at runtime via mach_override.

These boxes aren't even for sale yet. I'm sure that it'll be cracked before that even happens.

Apple does not want OS X installed on every generic PC out there. If Mac sales die tomorrow, Apple and OS X go with it. And no, they wouldn't open all the source after the liquidation and you would be stuck with Linux and Windows on the desktop. With both options being crap (for differing reasons).

I would absolutely love for OS X to be sold for any machine with an Intel or AMD chip inside, but it's just not going to happen because Apple is not positioned to do so and survive.

Fortunately, Apple has never even hinted at taking a route other than having OS X run on their machines and their machines only. Any disappointment should be tempered with the knowledge that they have had their cards on the table on this for some time. I don't think there was any question of another outcome.

Apple is not screwing anyone over, they are just continuing what they have done for the past 21 years (even the brief period of Mac clones only involved the OS running on approved hardware).

Perhaps things will change sometime down the road with Apple making further inroads into consumer electronics and successfully diversifying their business. I wouldn't hold my breath, though. The seamless integration between hardware and software is at the very core of the Mac experience.

It's unfortunate that OS X is going to stay on one set of hardware, but it is just the way it has to be for the time being.

I probably just dont understand the business well enough but if Apple could sell 5 million copies of OS X for (generic) Intel system, why wouldnt they? Is -all- of their money made off of the hardware?

The vast bulk of it. 80-90% if I recall correctly.

How does selling lots of copies of OS X equal Apple losing money?

You're assuming they'd sell lots of copies. That's a big assumption. Certainly their current level of OS license sales couldn't sustain the company, so even if we assume that everyone who uses OS X now were to buy a copy of "Generic Intel OS X", they'd need to expand their sales share significantly.

What the "Why don't they just sell it for generic boxes like Microsoft does and make $$$" crowd forgets is that Microsoft doesn't actually make a lot of money off of people walking in to Circuit City and buying a box copy of Windows. The vast majority of people view installing an OS as being more complicated than building a rocket ship from scratch using only a stick of gum and some 2x4's; the hobbyist market who is comfortable with this sort of thing isn't big enough to sustain a company of any significant size.

No, the real money is in OEM licensing to large volume hardware manufacturers. If Apple sold OS X for generic Intels, everyone would be able to undercut them on hardware prices, so forget about that business. And the walk-in market isn't nearly big enough to sustain them. So unless they could secure a number of OEM deals with the Dells and HPs of the world, they'd be bankrupt within the year. And Microsoft has historically done everything in their power to prevent even insignificant companies like Be from getting their OS shipping pre-installed from the OEM. You'd better believe they'd pull out all the stops to keep Apple out of that market.

So unless they could secure a number of OEM deals with the Dells and HPs of the world, they'd be bankrupt within the year.

HP was selling HP iPods there for a while (stopped recently - it was dumb idea), but obviously Apple is willing to license other vendors to sell stuff... so while you might not see OS X whitebox edition, you might see HP featuring MacOS X. There may be a few laptop vendors like Toshiba interested as well. I have a feeling Dell is too cosy in their arrangements to do any such thing.

The headline states "Mac OS X Intel Kernel Uses DRM". According to TFA, it's Rosetta (the PPC emulator, which isn't written by Apple) that uses DRM, not the kernel of the OS itself: We've discovered that the Rosetta kernel uses TCPA/TPM DRM. Some parts of the GUI like ATSServer are still not native to x86 - meaning that Rosetta is required by the GUI, which in turn requires TPM. In fact, we already know that the kernel doesn't use DRM and can run on any Intel box you want, because it's open source and can be downloaded here [apple.com]. It's the GUI that Apple wants to be locking in to their hardware, not the kernel. I suspect that they probably will make something other than Rosetta check the TCPA chip, but that's not what is going on right now.

If you analyzed the mach_kernel binary file on the Developer Kits, you would see that the kernel is vastly different than the Darwin 8.2 that Apple released as open source. For one thing, it automatically calls the oah750 daemon (better known as Rosetta) every time that it finds a non-universal PPC executable.

Before the kernel uses Rosetta to execute the PPC application (i.e. ATSServer in the case of starting a GUI), it calls the TPM kernel extension and checks the private keys in the TCPA chip. This is the only thing, as far as is apparent, that prevents Mac OS X from flawlessly running on a non-Apple system.

Oh do stop panicing, this will be cracked, and easily, if it has not already been done.

I am beginning to think companies put these copy protection things in the hardware for a variety of reasons:

1) They get free advertising with the protests.2) They get free advertising when it is cracked.3) They get free advertising when they chase the crackers.4) They get free advertising when they chase the cracks' distributors.

Everyone here has been waiting for OSX-x86 ISOs to hit torrent sites so they can run OSX on their whitebox PCs. As has been seen many times before, not every ADC member holds up their end of the bargain with regard to their NDA. Knowing this full well it was rather obvious Apple would have to take some sort of action to keep their OS from being widely pirated within days of the first dev kits being delivered.

There's a lot of hand waving here about companies removing people's rights and slippery slope arguments along the lines of "if they do X they will eventually do Y for reason Z". This entirely ignores the fact that Tiger-x86 is probably the hottest thing to hit torrent sites in a long time. It was bad enough when developer releases of Tiger for PowerPC were making the rounds and people were making stupid assessments of the system months before release. The development kits and pre-release copies of OSX are meant to be in Mac developer hands, not Joe Dork down the street on his PC.

It is not a particular right to run OSX on anything but a Mac, the OSX EULA that you have to agree to in order to install the system specifically states that. Apple locking OSX onto Macs means they can continue to sell the machines with a straight face. No one would bother to buy a Mac if they could just grab a copy of Tiger and slap it on their PC at home. Apple would have little incentive to continue Mac development if there were no Macs being sold.

I know a great deal about TPMs, I have a computer with a TPM. They are very common. Many high end laptops and desktops have TPMs. Here [tonymcfadden.net] is an up to date list of systems that have TPMs. They include manufacturers such as HP, IBM, Acer, NEC, Dell, Gateway, Toshiba, Fujitsu, and Samsung. You've probably heard of some of them. It's easy to get a computer with a TPM. Probably in a few years it will be hard to get a computer without one.

What does a TPM do? Essentially it is just a crypto chip. It can hold keys, and sign and encrypt data with them. It's completely passive. It never takes control of your system or does anything invasive. It doesn't even monitor the bus or snoop on data flows. It merely hashes, signs and encrypts data, on request from the CPU.

How is it used for DRM? It can't be done today. They way it would be used, sometimes in the future, is to ship the chip with a unique key pre-installed in it, and with a certificate from the manufacturer on that key. Then the BIOS and OS get enhanced to do a "trusted boot" in which every software component gets its hash reported to the TPM. This allows the TPM to send out a crypto-signed "attestation" about the software configuration on the computer. It is signed by the built-in key, and that key is known to be a legitimate TPM key by virtue of the certificate that was created at manufacture time.

This lets a remote server verify that you're running a genuine version of Media Player or iTunes and not some hacked thing that will strip the DRM and put it out on the net. Your system can report its software configuration and that attestation can't be forged, because you don't control a TPM key that has a cert on it from a TPM manufacturer.

It's a complicated system, and no part of it exists today. Manufacturers don't ship TPMs with pre-installed keys, and they don't issue certificates. Nobody wants to touch that stuff with a ten foot poll. I know, I've tried to get a computer with a certified TPM for research purposes, but they're just not available.

How would Apple use a TPM to keep the OS from running on non-Apple PCs? This is the $64 question, but I haven't seen much information about it. If they just look for the presence of a TPM, that won't help much - see above for all the computers out there that have TPMs.

My guess is that it is more likely that the mechanism Apple will use or is using to keep from running on non-Apple hardware is not the TPM. They will probably use a custom chip. The TPM is extremely standard, the Trusted Computing Group has hundreds of pages documenting it. It would be crazy to twist that standard.

Rather, I'm guessing that Apple uses the TPM for crypto purposes, possibly with an eye towards eventual DRM if and when the necessary massive infrastructure ever gets built. Due to its unique position as designer of both the computer and the software, Apple might even be in a unique position with regard to rolling out some form of TPM based DRM, just as they were among the first to create a commercially successful DRM system in iTunes. My speculation is that Apple is not using the TPM to stop hackers porting its software, they're using the TPM because it's useful. It just happens that the hackers don't have many systems with TPMs.

If so, then, it is merely accidental that the use of the TPM is a road block for experimenters determined to run the Apple software on non Apple PCs. It's possible that if they looked at the list [tonymcfadden.net] they would find some computers lying around that had TPMs in them, and if they tried on those computers, the TPM software would work fine. Maybe the OS would then run in its current form. It sounds like it's worth a try, anyway.

How is it used for DRM? It can't be done today. They way it would be used, sometimes in the future, is to ship the chip with a unique key pre-installed in it, and with a certificate from the manufacturer on that key. Then the BIOS and OS get enhanced to do a "trusted boot"...

The BIOS part is the one I am slightly worried about. As soon as mainboards come with a BIOS that insists on booting only an "attested" OS, Open Source users will have a problem. Something to look out for when buying hardware in the fu

In your case, you are not running the full monty yet (a
TCPA-compliant Longshorn), which is why it seems so harmless. I'm not
as optimistic as you are about what's coming down the pike. To me, Trusted Computing is like having an M-1 tank on your doorstep. Sure, it's going to be fairly harmless if there are no keys to open it, but the keys will come someday, and you won't be allowed to hold them.

You claim:

It can hold keys, and sign and encrypt data with them. It's
completely passive. It never takes control of your system...

Sorry, there's a little bit more to it, unfortunately. From the
TCG's own FAQ,

... security processes... are protected through the secure TCG
subsystem.

Access to data and secrets in a platform could be denied if
the boot sequence is not as expected...

Features include... attestation of machine configuration when booted...

It sounds simple enough, but there is a whole realm of implications
that will someday come home to roost.

(Beware when reading the TCG's own FAQ, by the way, as they adopt a deceiving "don't blame us, we're not
the ones pulling the trigger" position. So, they gloss over some of
the juicy possibilities a BIOS writer or an application writer will
likely exploit from the technical specs.)

To begin with, the first application that boots up, typically the
BIOS (probably UEFI but any other choice really), if written to do
so can refuse to allow any application to start which isn't signed
by one of the keys securely stored in the TPM. The BIOS will check
the TPM for a matching key for the OS, and if it matches, will allow
it to start. Conversely, if the key doesn't match (for example, a
bootleg OS), the BIOS can just stop right there. Keep in mind, this
is the BIOS handling this, not the TPM, but, unlike even the M-1 tank,
there is no way to tamper with the TPM to change the keys.

Now, once a trusted OS is able to start, it can decide pretty much
autocratically what other applications can start, once again using the
keys locked down by the TPM to check if they are legit or not. So,
programmatically, the TPM doesn't make the decision to lock you out of
using non-vendor applications, but it's just as well as if it
did, because the OS writer can easily use the TPM's secure,
untamperable storage to enforce it. (Note that the motherboard supplier can cooperate with
the OS writer to initialize the TPM with the appropriate keys right
out of the factory (if they wanted to). It's irrelevant if there are
no keys in there right now. The tank is still there, pointing at your
door, waiting for its keys to arrive.)

Other applications, if they are also signed by the TPM, may be
granted the privilege (by the OS) to start and, specifically, to lock
down data, such as video, in order to provide DRM functionality. If
that decision is made, there is no way you will see that video through
any other application unless the application governing the data allows
otherwise. That data can basically be owned entirely by the
application vendor, not you (as different from what the TCG claims,
because no one's going to enjoy watching encrypted video gibberish.
You can technically "own" the gibberish, but you still can't watch the
video...). You may have a choice to delete a video, for example, but
not to view it unless that vendor allows it. It is a backdoor way of
implementing the media (DVD, CD, etc.) equivalent of the broadcast
flag, if the app writer and OS vendor cooperate to that
effect.

Unsigned applications may be allowed to start too, and the TCG
spec says that this is in the "user's" control, but let's face it,
it's really in the OS vendor's control because they control the
machine all the way from bootup. There isn't a little switch on the
TPM chip to allow you to override your OS' choice in the matter.
Still, it's possible that

When the proposed move to Intel was first announced, I suspected this might be the case and therefore asked in my comment about what role DRM would play. Though I didn't elaborate on it, the tip off was the "Roadmap" being more "interesting". It's a shame that Apple is heading that way. However, it's still possible for a more enlightened move from Apple's management.

I still think the problems raised by DRM are greater and more severe than those it purports to fix. Obviously, fair use and doctrine of first sale are the first to disappear. But also, common carriage is at risk, and if DRM gets into routers and switches then it will be possible to make the Internet into the same mess the telecommunications network is in.

The nature of DRM and the clumsy attempts we have seen so far also indicate that there is great potential for human rights abuse, too. There is of course the ability to monitor who is interacting with whom, the DRM software has to track this to work. There is also the ability to block or censor communications. After all, restricting access or dissemination is what DRM is all about. And that directly affects both the right to free speech and the right to peaceably assemble -- after all what can be published or organized without the Internet or the Web these days, without them you're shut off.

If OS X had to run on a gazillion different combinations, that fact would be a major point it making it less reliable and less stable. BECAUSE THE OS IS SOLD TO RUN ON ONLY A FEW HARDWARE OPTIONS, IT"S EASIER TO WRITE AND TEST AND Q/A THE DAMN THING! That is part of the success of OS X and what makes it run so geat. Of course Apple wants the hardware sales, but controling the hardware is critical too. I would not want an OS X that could run on Compaqs to Dells to A Opens to your custom PC because then I wouldn't get uptimes of 90 days (rebooting only for security updates that touch the Kernel, etc).

LOOK AT SOLARIS. Ask anyone who needs a Solaris box to stay up for critical stuff (not FTP server, talking about critical stuff at the core of a company / government / hospital) and it will be on one on Sun's servers, it will NOT be Solaris for Intel. Big metal + Tested Metal = Solaris uptimes of years if need be. Small metal + Tested Metal = OS X I know and love.

You forget that pearpc requires you to buy a copy of OSX. Assuming Apple makes x86 OSX require a handshake with the DRM to work, pearpc will cease to work. That's ignoring the fact that an x86 emulator running on x86 would be more than a little redundant. (that's all pearpc is- a CPU/architecture emulator)

The PPC version, of course, will work, albeit slowly. Really, you're just back to where you started.

iirc, intel's drm is based on a supopsedly "hacker proof" chip that has an rsa keypair in it.

everyone know how those uncrackable chips fared... well every time they tried to do something like this. it failed miserably.

i know what you'll say. "microsoft managed it with the xbox". which is bogus, microsoft's problem is the complete opposite as this one. microsoft is trying to prevent unsigned code from running on "their" hardware.

apple is trying to prevent their code from running on "unsigned" hardware. that implies the private key is in the paladium chip so it can "sign" a token sent by the OS. that's the worst case senario, and it will just take a few months to reverse engineer and distribute apple's private key along with pearpc (yes, you can read the key from that suposedly secure chip).

another possible implementation is that the chip just sends an "apple" id. maybe s string of text or something like that. that's even easier to circumvent.

don't be fooled by their marketing, pearpc will work just fine, albeit maybe illegally in the US (and canada soon). thanks to the DMCA

> This silly conspiracy theory is getting tiring. Why would Dell & HP> prevent paying customers from running Linux or DOS or whatever the fuck> they wanted to run? Both companies sell Linux and brag about how much> money it makes them.

Simple. Same reason you can't buy a PC from Dell without an OS except for a couple of Optiplex lines they target at the corporate users who already have site licenses. And even for those they have to toss FreeDOS in the box to make Microsoft happy.

Now imagine a world where Microsoft requires a locked TCPA chip to boot a future version of Windows. Basically they will speak unto Dell thusly: "If you want to sell Windows you will stick this chip on each and every motherboard. And if you don't want to pay the whitebox chopshop price for licenses you will join our co-op marketing program which requires you stick this chip on ALL motherboards you sell. No exceptions. Hey bitch, you already give Intel the same 100% loyalty so now you serve TWO masters. Starting today you no longer sell Dells, you sell Windows Workstations with Intel Inside and if you don't like that I have the same contract manufacturers you job your actual work out to ready to make em for me direct and a bunch of Indians ready to roll on deploying an ecommerce site to sell them through."

That theory has been kicked around a little already and it seems to make sense on the surface but it ignores no less than three very important points.

1) Installed base. If Apple intends to promote a movie download service that only runs on Macintels, it's going to flop big time and worse than just flopping, it's going to really piss off people who bought PPC hardware in the past couple of years.

2) Transion time frame. Apple will begin the transition to Intel next year but it won't be selling Intel boxes exclusively until 2007. That means the announcement of a service that requires an Intel box would have to wait until then or risk killing hardware sales. Somebody else will be doing it before that.

3) iTMS model? Assuming they intend to follow the same model with their movie store, where selling movies is really just a way to move a different product (video iPod, set-top box, etc), they'll want to sell movies to Windows users as well as Mac users just as they do with music now. They'll also need to allow users to move their purchased movies to another device which may or may not contain the same DRM.

Anyway, they don't need hardware DRM to open a movie store. They have a perfectly good software based DRM for music so something similar should be enough to make the movie industry happy.

The switch from IBM to Intel has nothing to do with speed, heat, or anything else anyone has suspected. It's control.

Nonsense. Apple was leaving billions a year on the table because IBM wasn't supplying the parts that Apple needed. It's a lot easier (and cheaper) to add hardware DRM to the PPC or to an Apple motherboard than it is to shift the entire product line a different processor.

Well, imagine you hired somebody and you told him to do something. You want him to do it.... NOW!

Now, imagine you hired somebody and you told him to do something, but now, instead of just doing it, he insists on getting permission from someone else before he will do what you tell him to do. This leaves someone else in complete power of whether or not you can get this guy to do what you hired him to do in the first place...

Its yet another layer ( possibly dozens of layers ) of additional negotiation that

Oh, be serious now. It's their OS. They want to keep it on their hardware, for several reasons (which I think have been hashed out sufficiently). The technology is available (in the form of TCPA) to do it. And really, I think this is the most sensible, legitimate use of this technology that I've heard of. Really, what'd you think they were going to do - cross their fingers and hope? I think it's pretty clear Jobs & Co. have thought about this long and hard. So no, I don't think this is boycott-worthy.